Taking aim at cybercrime. - CyberWire Daily

Summary6 min read

CyberWire Daily – Episode Summary: "Taking Aim at Cybercrime"

Release Date: November 26, 2024
Host: Maria Varmazas
Guest: Clemence Poirier, Senior Cyber Defense Researcher at the Center for Security Studies, ETH Zurich
Produced by: N2K Networks

1. Disruption of Chinese Cybercrime Syndicates in Thailand

Key Highlights: Thai authorities successfully dismantled two sophisticated cybercrime syndicates operated by Chinese nationals, responsible for extensive fraudulent activities.

Scam Call Operations:
The first syndicate exploited over 10,000 phone numbers with Bangkok's 02 area code to execute more than 700 million scam calls within three days. These calls promoted fraudulent investment schemes linked to three companies associated with Chinese nationals. As a result, 24 suspects (nine foreigners and fifteen Thais) were issued arrest warrants, with 10 individuals apprehended.

"The fraudulent messages impersonated the Advanced Info service and urged recipients to redeem expiring points via a provided link," explained Maria Varmazas. (02:32)
SMS Blaster Incident:
Concurrently, authorities arrested a 35-year-old Chinese national who operated an SMS blaster from a van in Bangkok's Sukhumvit area. Over three days, the device transmitted nearly one million phishing messages, each capable of sending 100,000 texts per hour within a three-kilometer radius. These messages led recipients to phishing sites designed to harvest credit card information for unauthorized transactions abroad.

2. CyberVolk's Expansion and Ransomware Tactics

Overview: CyberVolk, a hacktivist group with possible Indian origins, has been active since at least March 2024. Unlike typical hacktivist groups that focus on Distributed Denial of Service (DDoS) attacks, CyberVolk employs ransomware and information-stealing malware.

Global Impact:
The group has compromised critical infrastructure in Japan, France, and the UK, demanding $1,000 in cryptocurrency with victims instructed to pay within five hours.

"CyberVolk's adaptability in using various ransomware families underscores the dynamic nature of affiliations among hacktivist groups," noted Maria Varmazas. (02:32)
Ransomware Evolution:
Their ransomware is derived from leaked source code of the pro-Russian group Azosec, utilizing families like Hexalocker and Parano. This adaptability highlights the evolving tactics of hacktivist affiliates.

3. Major Cybersecurity Incidents

Microsoft 365 Outage: On November 25, 2024, Microsoft 365 services, including Outlook and Teams, experienced a significant outage affecting global users. The issue was attributed to a recent change impacting Exchange Online and Teams calendar functionalities, with 98% of environments restored by noon Eastern Time. Microsoft acknowledged the event's impact and committed to swift resolution.

Wirral University Teaching Hospital Cyber Attack: On November 26, 2024, the Wirral University Teaching Hospital NHS Trust in Northwest England declared a major incident due to a cyberattack affecting its entire network. This breach resulted in the cancellation of all outpatient appointments and a directive for the public to use emergency services only for genuine emergencies. This marks the third significant cyber incident targeting NHS units this year.

4. Advanced Threats and Malware Campaigns

Salt Typhoon's Ghost Spider Malware: Trend Micro reported on a new strain of malware, Ghost Spider, used by the Chinese state-sponsored threat actor Earth Estries (Salt Typhoon) targeting Southeast Asian telecommunications companies. This sophisticated multimodular backdoor operates alongside the Demodex rootkit for long-term espionage operations, compromising over 20 organizations across multiple countries, including Afghanistan, Brazil, and the United States.

Romcom's Exploitation of Zero Days: Essette highlighted that the Russia-aligned threat actor Romcom exploited critical zero-day vulnerabilities (CVE2024-9680 and CVE202449-00:39) affecting Mozilla products and Windows systems. These exploits allowed for the installation of malware via malicious web pages without user interaction. Both vulnerabilities have since been patched.

5. Corporate Cyber Attacks and Legal Challenges

Blue Yonder Ransomware Attack: On November 21, 2024, Blue Yonder, a supply chain management software provider, faced a ransomware attack disrupting its managed services environment. Affected clients included Starbucks and UK supermarket chains Morrison's and Sainsbury's, impacting employee payments and supply chain operations. Blue Yonder has engaged cybersecurity firms to investigate and restore services, with no specific recovery timeline provided.

Google's UK Class Action Lawsuit: Google is currently facing a £7 billion ($8.8 billion) class action lawsuit in the UK. Led by Consumer Rights Advocate Nikki Stopford, the lawsuit alleges that Google abused its dominance in the search engine market by mandating Android device manufacturers to pre-install Google Search and Chrome, and paying Apple to make Google the default search engine on Safari. This conduct is claimed to have stifled competition, leading to higher advertising costs passed on to consumers. The UK's Competition Appeal Tribunal has allowed the case to proceed, marking a significant legal challenge for Google.

6. Insights from Clemence Poirier on Space Cybersecurity

Discussion Highlights:

Maria Varmazas interviews Clemence Poirier about the evolving landscape of cybersecurity attacks in space.

Wake-Up Call from Viasat Attack:
The infamous Viasat cyberattack served as a catalyst, shifting the conversation towards the importance of cybersecurity in the space sector. Prior to this, cybersecurity was often overlooked by engineers, industry professionals, and policymakers within the space industry.

"Nobody really paid so much attention to that and the threat was a bit overlooked as well," Clemence Poirier remarked. (15:14)
Proliferation of Cyber Operations:
Poirier's research involved analyzing hundreds of hacker forums and social media channels, uncovering 124 cyber operations targeting the space sector in the context of the Ukraine conflict. These operations were often part of larger campaigns against specific countries rather than targeted solely at the space sector.
Challenges for Hacktivist Groups:
Many hacker groups expressed fascination with space as the "final frontier" but acknowledged the complexities involved in executing attacks on space systems. This indicates a knowledge gap among threat actors regarding the intricacies of space cybersecurity.

"There's still a knowledge gap for threat actors about how to enter into a space system," Poirier observed. (21:51)
Evolving Conversations and Perceptions:
The Viasat attack has fundamentally changed how both the industry and adversaries view space cybersecurity. Commercial players like Starlink and Viasat are now recognized as critical infrastructure requiring robust protection.

7. Notable Cybercrime Case: Nicholas Kloster

Case Overview: Nicholas Kloster from Kansas City faces federal charges for his audacious cybercrimes aimed at pitching his cybersecurity services.

Gym Breach:
Kloster breached a gym's security cameras and routers, offered to fix the vulnerabilities he exploited, reduced his gym membership fee to $1, deleted his profile, and manipulated the gym's systems—all before flaunting the compromised cameras on social media.
Nonprofit Attack:
He utilized a boot disk to bypass authentication, install a VPN, and change account credentials, forcing the nonprofit to spend $5,000 on remediation and upgrades.
Use of Stolen Data:
Kloster reportedly used stolen credit card data from a former employer to purchase hacking tools, solidifying his status as a rogue entrepreneur.

"Real cybersecurity pros don't exploit systems, they protect them," Maria Varmazas emphasized. (15:14)

Kloster faces up to 15 years in prison for his actions, serving as a stark reminder of the ethical boundaries in cybersecurity.

Conclusion

This episode of CyberWire Daily provides an in-depth analysis of recent cybercrime activities, highlighting the global efforts to combat sophisticated threats emanating from state-sponsored actors and criminal syndicates. The discussion with Clemence Poirier sheds light on the emerging challenges in securing space infrastructure, emphasizing the need for heightened awareness and robust defense mechanisms. Additionally, the case study of Nicholas Kloster underscores the importance of ethical practices in the cybersecurity profession.

For more detailed information on today's stories, listeners are encouraged to visit the CyberWire daily briefing at thecyberwire.com.

Notable Quotes:

"CyberVolk's adaptability in using various ransomware families underscores the dynamic nature of affiliations among hacktivist groups." – Maria Varmazas (02:32)
"Nobody really paid so much attention to that and the threat was a bit overlooked as well." – Clemence Poirier (15:14)
"There's still a knowledge gap for threat actors about how to enter into a space system." – Clemence Poirier (21:51)
"Real cybersecurity pros don't exploit systems, they protect them." – Maria Varmazas (15:14)

Stay Informed: Subscribe to CyberWire Daily for comprehensive cybersecurity news and analysis from industry leaders. Share your feedback to help us deliver the insights you need to stay ahead in the rapidly evolving world of cybersecurity.

Loading summary

Transcript19 lines

[00:02]
Maria Varmazas
You're listening to the Cyberwire Network powered by N2K.
[00:09]
Gianna Whitfer
Gianna Whitfer here, co host of the Breaking through in Cybersecurity marketing podcast on N2K CyberWire Network. Here to interrupt your Thanksgiving break with just one little ad. We are hosting Cyber Marketing Con, a conference for marketers and go to market in the business side of cybersecurity this December 8th through 11th in the beautiful city of Philadelphia, Pennsylvania and also virtually get your ticket at cybermarketingconference.com or through our main website cybersecuritymarketingsociety.com.
[00:48]
Dave Buettner
Hey everybody, Dave here. I want to talk about our sponsor, LegalZoom. You know, I started my first business back in the early 90s and oh what I would have done to have been able to have the services of an organization like LegalZoom back then. Just getting all of those business ducks in a row, all of that technical stuff, the legal stuff, the registrations of the business, the taxes, all of those things that you need to go through when you're starting a business, the hard stuff, the stuff that sucks up your time when you just want to get that business launched and out there. Well, LegalZoom has everything you need to launch, run and protect your business all in one place and they save you from wasting hours making sense of all that legal stuff. Launch, run and protect your business. To make it Official today@legalzoom.com you can use promo code CYBER10 to get 10% off any LegalZoom business information product, excluding subscriptions and renewals that expires at the end of this year. Get everything you need from set up to success@legalzoom.com and use promo code CYBERTEN, that's legalzoom.com and promo code CYBER10. Legalzoom provides access to independent attorneys and self service tools. Legalzoom is not a law firm and does not provide legal advice except where authorized through its subsidiary law firm LZ Legal Services llc.
[02:32]
Maria Varmazas
Smashing Cybercrime syndicates Cybervolt goes global Tech troubles mostly resolved. A malware web weaved by salt typhoon targets global sectors Love at first exploit ransomware attack on blue yonder brews trouble. Google faces a UK court battle, lateral moves and lost data. And I sit down with Clemence Poirier, Senior Cyber Defense Researcher at the center for Security Studies at ETH Zurich to discuss cybersecurity attacks in space. And finally, a cybersecurity sales pitch goes rogue. Today is November 26, 2024. I'm Maria Varmazas, host of the T Minus Space daily podcast in for Dave Buettner and this is your Cyberwire Intel Brief Thai authorities dismantled two sophisticated Chinese operated cybercrime syndicates responsible for extensive fraudulent activities. The first Syndicate utilized over 10,000 phone numbers with Bangkok's 02 area code to execute more than 700 million scam calls within three days promoting fraudulent investment schemes. Investigations revealed connections to three companies linked to Chinese nationals, leading to arrest warrants for 24 suspects including nine foreigners and 15 Thais, with 10 individuals apprehended. Concurrently, police arrested a 35 year old Chinese national operating an SMS blaster from a van in Bangkok's Sukhumvit area. Over a three day period. The device transmitted nearly one million phishing messages, each capable of sending 100,000 texts per hour within a three kilometer radius. The fraudulent messages impersonated the Advanced Info service and urged recipients to redeem expiring points via a provided link, which then led to a phishing site designed to harvest credit card information for unauthorized transactions abroad. CyberVolk, a hacktivist group with possible Indian origins, has been active since at least March 2024 targeting state and public entities in nations opposing Russian interests. Initially known as gloriamist India, the group rebranded to Cybervolk and has claimed responsibility for compromising critical infrastructure in Japan, France and the uk. Unlike typical hacktivist groups that primarily conduct distributed denial of service attacks or DDoS attacks, CyberVolk employs ransomware and information stealing malware. Their ransomware derived from leaked source code of the Pro Russia group Azosec, demands $1,000 in cryptocurrency, with victims instructed to pay within five hours. CyberVoq's adaptability in using various ransomware families, including Hexalocker and Parano, underscores the dynamic nature of affiliations among hacktivist groups. Yesterday, on November 25, 2024, Microsoft 365 services including Outlook and Teams, experienced a significant outage affecting users globally. Reports indicated difficulties accessing emails, loading calendars and opening applications like PowerPoint. Microsoft acknowledged the issues, attributing them to a recent change impacting Exchange Online and Teams calendar functionalities. By noon Eastern time, the company reported resolving issues in approximately 98% of affected environments, though some recovery efforts faced delays. Microsoft, for its part, expressed understanding of the event's significant impact on businesses and committed to providing relief as swiftly as possible. On November 26, 2024, Wirral University Teaching Hospital NHS Trust in Northwest England declared a major incident due to a cyber attack affecting its entire network, including Aeropark, Clatterbridge and Wirral. Women and Children's hospitals. This breach led to the cancellation of all outpatient appointments and a directive for the public to use emergency services only for genuine emergencies. This marks the third significant cyber incident targeting NHS units this year, following previous attacks that disrupted services and compromised patient data. The Trust has implemented business continuity processes and is collaborating with cybersecurity experts to investigate and mitigate the breach. Trend Micro has published a report on a new strain of malware used by the Chinese state sponsored threat actor Earth Estries, also known as Salt Typhoon, to target Southeast Asian telecommunications companies. The malware, dubbed Ghost Spider, is a sophisticated multimodular backdoor designed with several layers to load different modules based on specific purposes. The backdoor is used alongside the Demodex rootkit for long term espionage operations. In addition to telecommunications companies, the group has targeted entities in the technology consulting, chemical and transportation sectors as well as government agencies and NGOs. Trend Micro says the campaign compromised more than 20 organizations across Afghanistan, Brazil, Eswatini, India, Indonesia, Malaysia, Pakistan, the Philippines, South Africa, Taiwan, Thailand, the United States and Vietnam. The researchers note that most of the victims had been compromised for several years. Essette warns that the ROM COM threat actor exploited a critical zero day affecting Mozilla products to install malware. The vulnerability CVE2024 9680, was assigned a CVSS score of 9.8 and allows vulnerable versions of Firebox, Thunderbird and the Tor browser to execute code in the restricted context of the browser. Romcom chained this flow with a Windows 0day CVE 202449 00:39 to deliver malware via malicious web pages with no user interaction required. Both vulnerabilities have since been patched. A reminder that Romcom is a Russia aligned threat actor that conducts espionage alongside cybercrime operations. In an update to a story we are following this week, on November 21, 2024, supply chain management software provider Blue Yonder experienced a ransomware attack that disrupted its managed services hosted environment. This incident affected several major clients including Starbucks and UK supermarket chains Morrison's and Sainsbury's. Starbucks faced challenges in paying baristas and managing employee schedules, while Morrisons and Sainsbury's encountered disruptions in their supply chains. Blue Yonder has engaged a cybersecurity firm to assist in investigating and restoring impacted services, but has not yet provided a specific timeline for full recovery. Google is facing a 7 billion pound or $8.8 billion class action lawsuit in the UK alleging that the company abused its dominance in the search engine market. The claim, led by Consumer Rights Advocate Nikki Stopford asserts that Google's practices, such as requiring Android device manufacturers to pre install Google Search and Chrome and paying Apple to make Google the default search engine on Safari, have stifled competition. This lack of competition purportedly led to higher advertising costs, which were then passed on to consumers. The UK's Competition Appeal Tribunal has allowed the case to proceed, marking a significant legal challenge for Google in the uk. The Cybersecurity and Infrastructure Security Agency, or cisa, has released a comprehensive report detailing a Red Team assessment conducted on a critical infrastructure organization. This assessment aimed to evaluate the organization's cybersecurity posture by simulating real world attack scenarios and key findings from the report include Initial access the Red Team gained access through SPEAR phishing emails highlighting the need for robust email security measures. Privilege Escalation Exploiting misconfigurations the team escalated privileges, underscoring the importance of proper system configurations. Lateral Movement the team moved laterally across the network using compromised credentials, emphasizing the necessity for strong access controls and data exfiltration. Sensitive data was exfiltrated without detection, indicating gaps in monitoring and data loss prevention strategies. For its part, CISA recommends organizations implement multifactor authentication, conduct regular security training, and continuously monitor network activity to mitigate such vulnerabilities. This report serves as a critical resource for organizations aiming to strengthen their cybersecurity defenses. Today, our guest is Clemence Poirier, Senior Cyber Defense Researcher at the center for Security Studies at ETH Zurich. Clemence and I recently spoke about cybersecurity attacks in space and following the interview, get some tips on how not to convince prospective customers that they should secure your services. We'll be right back.
[12:07]
Clemence Poirier
And now a word from our sponsor. Knowbefore it's all connected and we're not talking conspiracy theories when it comes to infosec tools, effective integrations can make or break your security stack. The same should be true for security awareness training. KnowBe4, provider of the world's largest library of security awareness training, provides a way to integrate your existing security stack tools to help you strengthen your organization's security culture. KnowBe4's security coach uses standard APIs to quickly and easily integrate with your existing security products from vendors like Microsoft, CrowdStrike and Cisco. 35 vendor integrations and counting Security Coach analyzes your security stack alerts to identify events related to any risky security behavior from your users. Use this information to set up real time coaching campaigns targeting risky users based on those events from your network, endpoint identity or web security vendors. Then coach your users at the moment. The risky behavior occurs with contextual security tips delivered via Microsoft Teams, Slack, or email. Learn more@knowbefore.com SecurityCoach that's knowbefore.com SecurityCoach and we thank KnowBefore for sponsoring our show.
[13:41]
Dave Buettner
Imagine this. Your primary identity provider goes down. Whether it's a cloud outage, network issue, or even a cyber attack, suddenly your business grinds to a halt. But what if it didn't have to meet Identity Continuity from Strata, the game changing solution that keeps your business running smoothly no matter what. Whether your cloud IDP crashes or your on prem system faces a hiccup, Identity Continuity seamlessly shifts authentication to a secondary or even tertiary IDP automatically and without disruption. Powered by the Mavericks Identity Orchestration platform, Identity Continuity uses smart health checks to monitor your IDPs availability and instantly activates failover strategies tailored to your needs. When the coast is clear, it's a seamless switchback. No more downtime, no lost revenue, no frustrated customers, just continuous secure access to your critical applications every single time. Protect your business from the high costs of IDP outages. With Identity Continuity from Strata, downtime is a thing of the past. Visit Strada IO Cyberwire to learn how Strata's Identity Continuity can provide seamless enhanced capabilities to your existing identity fabric. And receive a free set of AirPods Pro.
[15:15]
Maria Varmazas
Welcome back. Today our guest is Clemence Poirier, Senior Cyber Defense Researcher at the center for Security Studies at ETH Zurich. Clemence and I recently spoke about cybersecurity attacks in space, and following the interview, get some tips on how not to convince prospective customers that they should secure your services.
[15:35]
Clemence Poirier
When the war in Ukraine started, of course, the invasion actually started with a cyber attack against the satellite, which is the now infamous fiasco. And prior to this there was very little interest from the space sector for cybersecurity issues and it was a bit overlooked, whether it's from engineers or the industry or public policies. So nobody really paid so much attention to that and the threat was a bit overlooked as well. But when the vase attack happened, it was a bit of something like the parallel board for the space industry. In some ways it was really a wake up call. So I decided back then to analyze this attack and analyze what happened, but also what that meant for Ukrainian armed forces and their ability to respond to the invasion, but also all the ripple effect that this attack created across Europe and what it also meant for the European space sector. And after this first attack I asked myself, okay, how many other attacks affected space systems in this conflict because everyone saw how Starlink is used to conduct military operations there, but also used by the civilian population, and how it's a central aspect of accessing connectivity there, but also how satellite images are used, how navigation, so GPS are used in the conflicts. So I asked myself, naturally there would be probably a lot of operation against space systems. So I decided to look into that. And so I crawled through hundreds and hundreds of Telegram channels, Twitter account, hacker forums and a bit weird websites, to be honest, and try to see and map groups that took sides in the conflict, because that's a big trend that happened in this war. Hacktivist group popped up and took sides in the conflict. And I decided to check how they would talk about space, how they would talk about attacking the satellites or the space sectors or space companies. And so I mapped hundreds of groups and I found 124 cyber operations that targeted the space sector in the context of the war. So by groups that either took side in the conflict or claimed that the attack was related to the conflict directly. And so that's the main finding of the report.
[18:50]
Maria Varmazas
It's been really fascinating how much that viasat attack really changed the conversation about space cybersecurity. I think previously to that there was a sense of I'm not a military asset, I don't need to worry about it, or I'm in compliance with government security standards, so I'm fine, or nobody's targeting me. This is not an issue. The conversation has completely changed since then and especially with commercial players, as you mentioned, with StarLink and obviously Viasat as well. You know, there is a whole level of complexity that is there. I am so fascinated that you not only looked at the attack itself, but also what came after in those conversations. Because that's been actually a huge question I have had in the last two plus years is for adversaries, for threat actors, how has the conversation changed for them? What are they saying? What did you see from those conversations on all sides of the conflict? Is this a domain where people feel comfortable and what kind of attacks are they trying to leverage? Are they all similar? Are there a lot of different tactics being deployed? I'm sorry, I have so many questions. I'm so fascinated here.
[20:02]
Clemence Poirier
What I first notice is that those hacker groups on their telegram channels, hacker forums, Twitter accounts, they really see space as a topic of fascination. So they really use space as a way to gather their communities and their members and create online engagement. So they very often talk about space exploration or whatever is in the news in space. They Sometimes share fun facts like the first time that coffee was brewed on the iss, or this kind of things that you would not really expect on a hacktivist group communication channel.
[20:51]
Maria Varmazas
They're nerds at heart.
[20:54]
Clemence Poirier
Exactly. And that's very funny because you don't see that about other sectors of the economy. But they also see space as an ultimate challenge and something that would bring a lot of media attention if they succeed, that is something that is perceived as more difficult to hack. So you see some groups that talk almost in a childish way, like, oh, should we. Can we hack a satellite? Should we hack a NASA satellite? And so they discuss about whether that's feasible or not. And they really see this as the final frontier for their cyber operations.
[21:49]
Maria Varmazas
The notoriety. Yeah, yep.
[21:51]
Clemence Poirier
Yes, that's definitely how it's perceived. But at the same time, when you look at their operations against the space sector, you also see that there are no groups that are specialized or entirely dedicated at targeting the space sector. So there's not one group that only targets the space sector. All the cyber operations that I could find were random, almost among bigger campaigns against specific countries. So it's quite the opposite, in fact, where they actually do not know so much about space. A lot of them say, oh, it was our first attack against satellite, or it was very complex for us to understand how the network was operating or how a satellite functions, or it was very hard to enter into the network. And so they really say acknowledge that and that difficulty. It also shows that maybe cybersecurity is a bit different in space than on Earth. And it's also interesting that Microsoft and OpenAI also disclosed that Russian hacker groups Fancy Bear also used ChatGPT to ask questions about how satellite communication functions and how to target them. So they didn't specify whether they could link it to an actual operation. But that also says that there's still a knowledge gap for threat actors about how to enter into a space system. So the space sector is not necessarily well protected. But because the nature of the system is a bit different, it also saves the sector a little bit.
[23:51]
Maria Varmazas
You can find a link to the case study Clemence mentioned in our show notes.
[24:11]
Clemence Poirier
The IT world used to be simpler. You only had to secure and manage environments that you controlled. Then came new technologies and new ways to work. Now employees, apps and networks are everywhere. This means poor visibility, security gaps, and added risk. That's why Cloudflare created the first ever Connectivity Cloud. Visit cloudflare.com to protect your business everywhere you do business.
[24:48]
Maria Varmazas
And finally, in a bizarre mix of cybercrime and self promotion. Kansas City's Nicholas Kloster faces federal charges for allegedly hacking multiple organizations to pitch his cybersecurity services. The Department of Justice alleges that Kloster breached a gym, a nonprofit and a former employer, leaving behind a trail of audacity and damages. At the gym, Kloster reportedly bypassed security cameras and routers to access systems. He then emailed the owner offering his services to fix the vulnerabilities he exploited and not stopping there. He reduced his gym membership fee to $1, deleted his profile, took a staff name tag, all before flaunting the gym's compromised cameras on social media. Career limiting move. Weeks later, he allegedly struck a nonprofit using a boot disk to bypass authentication, install a VPN and change account credentials. The breach, by the way, forced the nonprofit to spend $5,000 on remediation and upgrades. Kloster also reportedly used stolen credit card data from a former employer to buy hacking tools, cementing his status as a rogue, and I quote here entrepreneur. While his alleged antics might sound like a movie plot, Kloster, we should note, faces up to 15 years in prison. His tale is a very good reminder. Real cybersecurity pros don't exploit systems, they protect them. And that's the CyberWire. For links to all of today's stories, check out our daily briefing over@thecyberwire.com we'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly changing world of cybersecurity. If you like the show, please share a rating and review in your podcast app. Also, please fill out the survey in the show notes or send an email to cyberwire2k. We're privileged that N2k cyberwire is part of the daily routine of the most influential leaders and operators in the public and private sector. From the Fortune 500 to many of the world's preeminent intelligence and law enforcement agencies, N2K makes it easy for companies to optimize your biggest investment your people. We make you smarter about your teams while making your teams smarter. Learn how@n2k.com this episode was produced by Liz Stokes. Our mixer is Trey Hester with original music and sound design by Elliot Peltzman. Our executive producer is Jennifer Iban. Our executive editor is Brandon Karp. Simone Petrella is our president, Peter Kielpi is our publisher and I'm Maria Varmazas in for Dave Vitner. Thanks for listening. We'll see you tomorrow.
[28:04]
Dave Buettner
And now a word from our sponsor, NordPass. NordPass is an advanced password manager from the team behind NordVPN, designed to help keep your business safe from data leaks and cyber threats. It gives your IT professionals control over who has access to your company's data and makes it easy for everyone else on your team to use strong passwords. Right now, you can go to www.nordpass.com cyberwire for 35% off the NordPass business yearly plan.
[28:36]
Clemence Poirier
Don't miss out on.